Search Publications by: Anoop Singhal (Fed)

Displaying 26 - 50 of 72

Determining Forensic Data Requirements for Detecting Hypervisor Attacks

August 7, 2019
Author(s)
Changwei Liu, Anoop Singhal, Ramaswamy Chandramouli, Duminda Wijesekera
Hardware/Server virtualization is a key feature of data centers used for cloud computing services and enterprise computing that enables ubiquitous access to shared system resources. Server virtualization is typically performed by a hypervisor, which

CASFinder: Detecting Common Attack Surface

June 11, 2019
Author(s)
Meng Zhang, Yue Xin, Lingyu Wang, Sushil Jajodia, Anoop Singhal
Code reusing is a common practice in software development due to its various benefits. Such a practice, however, may also cause large scale security issues since one vulnerability may appear in many different software due to cloned code fragments. The well

A Methodology for Enabling Forensic Analysis Using Hypervisor Vulnerabilities Data

June 5, 2019
Author(s)
Ramaswamy Chandramouli, Anoop Singhal, Duminda Wijesekera, Changwei Liu
Hardware/Server Virtualization is a key feature of data centers used for cloud computing services and enterprise computing that enables ubiquitous access to shared system resources. Server virtualization is typically performed by a hypervisor, which

A Layered Graphical Model for Cloud Forensic and Mission Impact Analysis

February 1, 2019
Author(s)
Changwei Liu, Anoop Singhal, Duminda Wijesekera
In this paper, we describe a layered graphical model to analyze the impact of cyber attacks on business processes and services. Our model has three layers: the upper layer models the business processes and their dependencies. The middle layer constructs

Threat Modeling for Cloud Infrastructures

December 21, 2018
Author(s)
Nawaf Alhebaishi, Lingyu Wang, Anoop Singhal
Today's businesses are increasingly relying on the cloud as an alternative IT solution due to its flexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the

Towards Cyber Resiliency in the Context of Cloud Computing

November 30, 2018
Author(s)
Xiaoyan Sun, Peng Liu, Anoop Singhal
Correct and accurate mission impact assessment is the essential prerequisite of mission-aware cyber resilience. However, an overlooked gap has been existing between mission impact assessment and cyber resilience. This article attempts to bridge the gap by

Modeling and Mitigating the Insider Threat of Remote Administrators in Clouds

July 10, 2018
Author(s)
Nawaf Alhebaishi, Lingyu Wang, Sushil Jajodia, Anoop Singhal
As today's cloud providers strive to attract customers with better services and less downtime in a highly competitive market, they increasingly rely on remote administrators including those from third party providers for fulfilling regular maintenance

Surviving Unpatchable Vulnerabilities through Multi-Option Network Hardening

March 23, 2018
Author(s)
Daniel Borbor, Lingyu Wang, Sushil Jajodia, Anoop Singhal
The administrators of a mission critical network usually have to worry about non-traditional threats, e.g., how to live with known, but unpatchable vulnerabilities, and how to improve the network's resilience against potentially unknown vulnerabilities. To

A Layered Graphical Model for Mission Attack Impact Analysis

December 21, 2017
Author(s)
Changwei Liu, Anoop Singhal, Duminda Wijesekera
In this paper, we describe a layered graphical model to analyze the mission impacts of attacks for forensic investigation. Our model has three layers: the upper layer models operational tasks and their dependencies; the middle layer reconstructs attack

Towards Probabilistic Identification of Zero-day Attack Paths

October 24, 2017
Author(s)
Xiaoyan Sun, Dai Jun, Peng Liu, Anoop Singhal, John Yen
Zero-day attacks continue to challenge the enterprise network security defense. A zero-day attack path is formed when a multi-step attack contains one or more zero-day exploits. Detecting zero-day attack paths in time could enable early disclosure of zero

Identifying Evidence for Implementing a Cloud Forensic Analysis Framework

September 28, 2017
Author(s)
Changwei Liu, Anoop Singhal, Duminda Wijesekera
Cloud computing provides several benefits to organizations such as increased flexibility, scalability and reduced cost. However, it provides several challenges for digital forensics and criminal investigation. Some of these challenges are the dependence of

Towards Actionable Mission Impact Assessment in the Context of Cloud Computing

June 22, 2017
Author(s)
Xiaoyan Sun, Anoop Singhal, Peng Liu
Today's cyber-attacks towards enterprise networks often undermine and even fail the mission assurance of victim networks. Mission cyber resilience (or active cyber defense) is critical to prevent or minimize negative consequences towards missions. Without

Threat Modeling for Cloud Data Center Infrastructures

December 29, 2016
Author(s)
Nawaf Alhebaishi, Lingyu Wang, Sushil Jajodia, Anoop Singhal
Cloud computing has undergone rapid expansion throughout the last decade. Many companies and organizations have made the transition from traditional data centers to the cloud due to its flexibility and lower cost. However, traditional data centers are

A Probabilistic Network Forensics Model for Evidence Analysis

September 20, 2016
Author(s)
Changwei Liu, Anoop Singhal, Duminda Wijesekera
Modern-day attackers tend to use sophisticated multi-stage/multi-host attack techniques and anti-forensics tools to cover their attack traces. Due to the current limitations of intrusion detection and forensic analysis tools, reconstructing attack

Poster: A Logic Based Network Forensics Model for Evidence Analysis

October 15, 2015
Author(s)
Anoop Singhal, Changwei Liu, Duminda Wijesekera
Modern-day attackers tend to use sophisticated multi-stage/multi-host attack techniques and anti-forensics tools to cover their attack traces. Due to the current limitations of intrusion detection and forensic analysis tools, reconstructing attack

Who Touched my Mission: Towards Probabilistic Mission Impact Assessment

October 12, 2015
Author(s)
Xiaoyan Sun, Anoop Singhal, Peng Liu
Cyber attacks inevitably generate impacts towards relevant missions. However, concrete methods to accurately evaluate such impacts are rare. In this paper, we propose a probabilistic approach based on Bayesian networks for quantitative mission impact

A Logic Based Network Forensics Model for Evidence Analysis

January 28, 2015
Author(s)
Changwei Liu, Anoop Singhal, Duminda Wijesekera
Many attackers tend to use sophisticated multi-stage and/or multi-host attack techniques and anti-forensic tools to cover their traces. Due to the limitations of current intrusion detection and network forensic analysis tools, reconstructing attack

Metrics of Security

December 15, 2014
Author(s)
Yi Cheng, Julia Deng, Jason Li, Scott DeLoach, Anoop Singhal, Xinming Ou
Discussion of challenges and ways of improving Cyber Situational Awareness dominated our previous chapters. However, we have not yet touched on how to quantify any improvement we might achieve. Indeed, to get an accurate assessment of network security and